Hi All:
i have met a problem. Now i am wirting a c function that convert a
PEM x509 cert in a buffer (yes, the pem x509 cert is in the buffer, not in
a pem file) into a DER x509 cert in a buffer (not in der file)too. I wrote
the c code:
// inBuff-->IN_BIO-->X509-->outBuff
int buf_cert_convert_pem_to_der(const unsigned char *in, int inLen,
unsigned char *out, int *outLen)
{
int ret = 0;
BIO *bio_in = NULL;
X509 *x509 = NULL;
unsigned char *der_cert_buff = NULL;
int len = 0;
bio_in = BIO_new_mem_buf((void *)in, inLen);
if(bio_in == NULL)
{
printf("BIO_new_mem_buf a bio_in error! \n");
ret = -1;
goto err;
}
if (!PEM_read_bio_X509(bio_in, &x509, NULL, NULL))
{
printf("PEM_read_bio_X509 read x509 cert from bio error! \n");
ret = -1;
goto err;
}
len = i2d_X509(x509, NULL);
if (len <= 0)
{
printf("i2d_X509 read x509 cert length error! \n");
ret = -1;
goto err;
}
if(len > *outLen)
{
printf("the out buff length is not enough for the x509 cert error! \n");
ret = -1;
goto err;
}
der_cert_buff = (unsigned char *)malloc(len);
if(der_cert_buff == NULL)
{
printf("alloc mem error! \n");
ret = -1;
goto err;
}
memset(der_cert_buff, 0, len);
len = i2d_X509(x509, &der_cert_buff); //????
if (len <= 0)
{
printf("i2d_X509 read x509 cert error! \n");
ret = -1;
goto err;
}
//debug
printf("der file len: %d bytes \n", len);
memcpy(out, der_cert_buff, len);
*outLen = len;
ret = 0;
err:
// Does der_cert_buff need free manually? when i free manually, it will
collapse. I donot know why. It always free manually when you use **poiter?
/*
if (der_cert_buff != NULL)
free(der_cert_buff);
*/
if (bio_in != NULL)
BIO_free(bio_in);
if (x509 != NULL)
X509_free(x509);
return ret;
}
Question:
1. Am i right? when i debug this program i always wrong... I cannot find
out the reason.
2. In the funtion i2d_X509(x509, &der_cert_buff), Does der_cert_buff need
to be
free manually? when i free ,it would collapse -:(
thanks.
BTWa: I wrote a test c code bellow:
// test for buf_cert_convert_pem_to_der
#define PEM_CERT_FILE "test_cert.pem"
#define DER_CERT_FILE "test_cert.der"
int test5()
{
int inLen = 0, outLen = DATA_BUFF_LEN;
unsigned char in[DATA_BUFF_LEN], out[DATA_BUFF_LEN];
FILE *pem_f = NULL, *der_f = NULL;
unsigned long fileLen = 0;
int ret = 0;
fileLen = get_file_size(PEM_CERT_FILE);
if(fileLen < 0)
{
printf("get pem file length error\n");
ret = -1;
goto err;
}
if((pem_f = fopen(PEM_CERT_FILE, "r")) == NULL)
{
printf("open pem file error! \n");
ret = -1;
goto err;
}
memset(in, 0, DATA_BUFF_LEN);
do
{
ret = fread(in, DATA_BUFF_LEN, 1, pem_f);
}while(ret > 0);
if(ret < 0)
{
printf("read pem file error\n");
ret = -1;
goto err;
}
ret = 0;
memset(out, 0, DATA_BUFF_LEN);
ret = buf_cert_convert_pem_to_der(in, fileLen, out, &outLen);
if(ret != 0)
{
printf("buf_cert_convert_pem_to_der error\n");
ret = -1;
goto err;
}
if((der_f = fopen(DER_CERT_FILE, "wb+")) == NULL)
{
printf("open der file error! \n");
ret = -1;
goto err;
}
ret = fwrite(out, outLen, 1, der_f);
if(ret <= 0)
{
printf("write der file error \n");
ret = -1;
goto err;
}
ret = 0;
printf("buf_cert_convert_pem_to_der ok! \n");
err:
if(der_f != NULL)
fclose(der_f);
if(pem_f != NULL)
fclose(pem_f);
return ret;
}
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20151015/58e167fa/attachment.html>
